As used herein, a “service” is any application or resource that can be provided to a user by a computer system. Many organizations have a pool of services that are offered to their respective members. Typically, such services are made available to members via one or more interconnected computer systems accessible to all members. Exemplary implementations that may be used to provide such accessibility include, in a non-exhaustive list, central data centers, distributed or networked “grid” computing environments, and cloud computing environments. Depending on respective job functions, various members may utilize different commonly accessible services. Additionally, within an organization, different members may have access (system granted permission) to different services or levels of a service based on their respective job functions.
Access to various services or levels of a service may be determined via an access control list (ACL), which, generally, is a list of permissions attached to an object. More specifically, an ACL is a data structure (usually a table) containing entries that specify an individual user or group rights to specific system objects (services) such as programs, processes, or files.